Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed. Lovense, a manufacturer of internet-connected sex toys, fixed... Read more »

State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks’ Unit 42. Palo Alto Networks reported that a nation-state actor, tracked as CL-STA-0969,... Read more »

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Endgame Gear mouse config tool infected users with... Read more »

Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is exploiting... Read more »

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy... Read more »

China questioned Nvidia over suspected backdoors in its H20 chips, adding to rising tensions in the tech fight between the U.S. and Beijing. China’s internet watchdog has summoned Nvidia... Read more »

AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets.... Read more »

Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s... Read more »